<?php

session_start();

require 'connection.php';



$app = new \Slim\Slim();
$app->post('/login/login', 'login');
$app->post('/login/islogin', 'islogin');
$app->post('/login/logout', 'logout');


$app->run();

//------------------------------------------------------------------------------
function islogin() {
    if (!empty($_POST['signature'])) {
        if (isset($_SESSION['signature'])) {
            if ($_POST['signature'] == $_SESSION['signature']) {
                if (isset($_SESSION['user_id'])) {
                    echo '{"error":"true","id":"' . $_SESSION['user_id'] . '","user":"' . $_SESSION['user_name'] . '","role":"' . $_SESSION['role'] . '"}';
                } else {
                    echo '{"error":"false"}';
                }
            } else {
                echo '{"error":"false"}';
            }
        } else {
            echo '{"error":"false"}';
        }
    } else {
        echo '{"error":"false"}';
    }
}

function login() {
    if (!empty($_POST['signature'])) {
        if (isset($_SESSION['signature'])) {
            if ($_SESSION['signature'] == $_SESSION['signature']) {
                if (!empty($_POST['login']) && !empty($_POST['password'])) {
                    $sql = "SELECT * FROM users WHERE login = :login AND password = :password";
                    try {
                        $db = getConnection();
                        $stmt = $db->prepare($sql);
                        $stmt->bindParam("login", $_POST["login"]);
                        $stmt->bindParam("password", $_POST["password"]);
                        $stmt->execute();
                        $rst = $stmt->fetchObject();
                        if ($rst) {
                            $user = array("id" => $rst->id, "name" => $rst->name, "role" => $rst->role);
                            $_SESSION['user'] = $user;
                            $_SESSION['user_name'] = $rst->name;
                            $_SESSION['user_id'] = $rst->id;
                            $_SESSION['role'] = $rst->role;

                            $sql_read = "SELECT * FROM config WHERE id = 1";
                            try {
                                $db = getConnection();
                                $stmt = $db->prepare($sql_read);
                                $stmt->bindParam("id", $id);
                                $stmt->execute();
                                $rst = $stmt->fetchObject();
                                $db = null;
                                $_SESSION['company_name'] = $rst->company_name;
                                $_SESSION['company_ruc'] = $rst->company_ruc;
                                $_SESSION['company_address'] = $rst->company_address;
                                $_SESSION['tax'] = $rst->tax;
                                $_SESSION['current_year'] = $rst->current_year;
                                $_SESSION['current_month'] = $rst->current_month;
                            } catch (PDOException $e) {
                                echo '{"error":{"text":' . $e->getMessage() . '}}';
                            }

                            echo json_encode($user);
                        } else {
                            echo '{"error":{"text":"Login o Password invalidos."},"code":"06"}';
                        }
                        $db = null;
                    } catch (PDOException $e) {
                        echo '{"error":{"text":' . $e->getMessage() . ',"code":"05"}}';
                    }
                } else {
                    echo '{"error":{"text":"Login o Password invalidos.","code":"04"}}';
                }
            } else {
                echo '{"error":{"text":"Login o Password invalidos.","code":"03"}}';
            }
        } else {
            echo '{"error":{"text":"Login o Password invalidos.","code":"02"}}';
        }
    } else {
        echo '{"error":{"text":"Login o Password invalidos.","code":"01"}}';
    }
}

function logout() {
    $signature = $_SESSION['signature'];
    unset($_SESSION['user_id']);
    unset($_SESSION['user']);
    session_unset();
    session_destroy();
    header("Location: index.php");
}

?>